Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/NZ7at05whnRwipMIwVGL-i18qSU.roa
File: NZ7at05whnRwipMIwVGL-i18qSU.roa (raw, json)
Hash identifier: AynTVmVxvgd1r7WV7gZlWqWlhOFnyR05Tq4/iH98Fwk=
Subject key identifier: 35:9E:DA:B7:4E:70:86:74:70:8A:93:08:C1:51:8B:FA:2D:7C:A9:25
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 51E1
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NZ7at05whnRwipMIwVGL-i18qSU.roa
Signing time: Tue 07 May 2024 18:23:53 +0000
ROA not before: Tue 07 May 2024 18:23:53 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 43.239.0.0/19 maxlen: 19
101.78.32.0/19 maxlen: 19
103.35.0.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20961 (0x51e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 7 18:23:53 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=359EDAB74E708674708A9308C1518BFA2D7CA925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:66:f1:41:d0:81:af:76:1b:07:78:71:35:
1f:5f:d8:0e:00:b0:ef:95:83:28:12:b8:f9:43:e7:
fe:6e:39:f6:70:89:28:ba:76:8b:72:f4:43:64:d7:
cc:8a:16:ce:65:8e:0b:de:7f:c3:a3:70:b4:96:d0:
f3:ac:47:35:8f:9c:82:ab:16:0a:4a:9a:f1:06:58:
d1:75:d4:3f:19:0d:70:08:c4:c7:9a:19:a6:7f:47:
f7:e7:8c:87:8e:fa:b6:30:75:91:34:f0:a4:1a:da:
d9:0c:f9:2f:fd:ed:32:2f:d6:8d:36:7a:1a:af:7e:
f4:c8:1b:a0:c7:d9:82:0c:b5:cd:f6:8e:7b:a3:07:
15:59:39:ff:ff:fe:f0:82:50:70:e0:43:2a:56:59:
23:85:b6:c2:54:23:8b:10:ae:7e:a2:f3:15:2d:93:
dc:be:8a:78:19:ad:f4:12:18:08:13:c1:34:90:83:
04:25:28:40:1d:e7:c6:19:0d:34:e1:d1:53:5e:c0:
ca:8e:16:51:93:07:c8:16:60:05:96:ad:72:a1:a2:
82:73:28:65:2b:7e:64:28:5f:98:66:4a:47:ef:7d:
45:65:61:1d:7b:43:73:69:07:f2:8d:a7:9c:55:b3:
32:b0:e1:eb:7c:8a:9f:17:c5:b6:b9:91:0d:7e:7a:
1b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:9E:DA:B7:4E:70:86:74:70:8A:93:08:C1:51:8B:FA:2D:7C:A9:25
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/NZ7at05whnRwipMIwVGL-i18qSU.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.0.0/19
101.78.32.0/19
103.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
39:0b:8c:a4:38:ec:32:36:d6:74:0f:97:e5:0d:7c:02:53:c2:
69:bf:ea:5f:6d:36:4d:3d:21:cb:7a:67:ae:37:fc:99:7d:b4:
47:a9:9c:68:60:68:07:14:6a:be:08:fb:7b:d8:23:37:5a:fe:
43:f1:52:aa:e1:d3:18:2a:67:9a:7d:ee:28:08:5b:f0:4b:a4:
e3:8f:e2:18:9b:87:93:2f:f5:fd:ac:dd:ea:54:e0:eb:47:cc:
b2:02:3c:f8:23:ef:ce:61:08:b6:62:7d:25:c3:11:b7:09:fa:
89:61:c6:c9:c8:f0:20:2c:c2:c4:e6:0b:5e:a8:3f:3f:0a:23:
bf:28:8c:f0:49:eb:41:3c:04:87:d0:0a:7f:5c:c0:4a:5b:ca:
ab:0d:55:2c:54:7f:95:51:48:93:ab:31:c1:d0:3f:48:cc:36:
e5:ad:a1:3d:28:c8:65:79:41:ae:a1:27:5a:62:8f:0c:c8:29:
18:8d:5c:5b:9b:61:73:1b:ad:2f:c8:26:ab:56:aa:09:b4:ac:
80:e3:2b:c2:bf:52:6b:68:c5:04:44:83:1e:6a:87:93:e5:61:
c3:81:4b:0a:98:d9:bf:bf:86:36:eb:5f:e5:40:1b:22:66:f6:
31:73:7d:38:9d:93:60:18:fd:42:0a:2d:50:bf:0a:a1:be:3b:
46:a2:e5:82
-----BEGIN CERTIFICATE-----
MIIE4TCCA8mgAwIBAgICUeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDcx
ODIzNTNaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDM1OUVEQUI3NEU3MDg2
NzQ3MDhBOTMwOEMxNTE4QkZBMkQ3Q0E5MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7f2bxQdCBr3YbB3hxNR9f2A4AsO+VgygSuPlD5/5uOfZwiSi6
doty9ENk18yKFs5ljgvef8OjcLSW0POsRzWPnIKrFgpKmvEGWNF11D8ZDXAIxMea
GaZ/R/fnjIeO+rYwdZE08KQa2tkM+S/97TIv1o02ehqvfvTIG6DH2YIMtc32jnuj
BxVZOf///vCCUHDgQypWWSOFtsJUI4sQrn6i8xUtk9y+ingZrfQSGAgTwTSQgwQl
KEAd58YZDTTh0VNewMqOFlGTB8gWYAWWrXKhooJzKGUrfmQoX5hmSkfvfUVlYR17
Q3NpB/KNp5xVszKw4et8ip8Xxba5kQ1+ehsLAgMBAAGjggH9MIIB+TAdBgNVHQ4E
FgQUNZ7at05whnRwipMIwVGL+i18qSUwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L05aN2F0MDV3aG5Sd2lw
TUl3VkdMLWkxOHFTVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBID
BAUr7wADBAVlTiADBAVnIwAwDQYJKoZIhvcNAQELBQADggEBADkLjKQ47DI21nQP
l+UNfAJTwmm/6l9tNk09Ict6Z643/Jl9tEepnGhgaAcUar4I+3vYIzda/kPxUqrh
0xgqZ5p97igIW/BLpOOP4hibh5Mv9f2s3epU4OtHzLICPPgj785hCLZifSXDEbcJ
+olhxsnI8CAswsTmC16oPz8KI78ojPBJ60E8BIfQCn9cwEpbyqsNVSxUf5VRSJOr
McHQP0jMNuWtoT0oyGV5Qa6hJ1pijwzIKRiNXFubYXMbrS/IJqtWqgm0rIDjK8K/
UmtoxQREgx5qh5PlYcOBSwqY2b+/hjbrX+VAGyJm9jFzfTidk2AY/UIKLVC/CqG+
O0ai5YI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:43:42 2025 by rpki-client